Google+ privacy tips from Kaspersky

Kaspersky Lab has warned that fake Google+ invites contain malware, and offers advice on how to prevent this.

July 21, 2011
Laptop malware spill

Fake Google+ invites contain malware and link to sites with the purpose of farming e-mail addresses of potential targets, according to Kaspersky Lab.

The company has offered some advice on how to secure your Google+ account, which includes:

  • Profile management section. Within this section, Google+ offers privacy level settings that allow users to customise the privacy of every aspect of their Google Plus account.
  • Circle Management. This offers users the ability to limit the information you display to certain groups of people. Circles are the main privacy control centre according to Kaspersky.
  • Instant upload. This feature is active by default if you use Google Plus on an Android Smartphone. It will instantly upload photos and video you’ve taken to a Picasa profile for future use. To save on data costs as maintain privacy, this setting can be disabled.

Full press release below:

Google Plus + fake invites = dangerous malware and infection, says Kaspersky Lab

Kaspersky Lab warns Internet users of targeted attacks on newly launched Google Plus social networking site.

Having only launched at the end of June, Google Plus is growing fast, having already reached more than 10 million* users in its first week of operation. However, as with any social network, over sharing has become the default option, and as such, is a constant concern. Considering Google Plus is new to this arena, it is interesting to note that it has already attracted the attention of cybercriminals. In fact, Kaspersky Lab have identified that cybercriminals are already targeting individuals through friend invites to this network, via emails.

Says Fabio Assolini, Malware Researcher, Global Research and Analysis Team at Kaspersky Lab; “Google Plus is another addition to the social networking world, and while certainly an exciting avenue to explore in this regard, considering the world of Internet cybercrime, Kaspersky Lab have identified that Brazilian cybercriminals have already started sending fake invites with malicious links pointing to malware, specifically Trojan bankers. We recently found one targeting Portuguese speakers and as such, feel that it is crucial to warn users of the potential security threats targeting this social networking site as it is only set to grow.”

The fake invite contains an infected link that when accessed, redirects the user to a very common Brazilian Trojan banker file – a .cmd file hosted at Dropbox. The most interesting thing to note in this message however is another link pointing to a form hosted at Google Docs. The message shows the link as “send the invitation to your friends” but it is actually a fake form created to collect names and e-mail addresses of new victims. Kaspersky Lab has reported this malicious file and the fake Web form to Google for their interest.

Social networks are seen as one of the greatest security threats among businesses, along with various other forms of file sharing. The introduction of new social networking sites creates a haven for cybercriminals to implement virus and threat activity for their own gain; especially as such sites are without a doubt popular among users. In fact, looking at statistics it is evident as to why these sites attract cybercriminals – lots of user. According to Strategy Worx CC**, worldwide Facebook has 750 million users, of which over four million (approximately 4 095 280) originate from South Africa. The same reports also indicates that Twitter has an estimated figure of 277 million worldwide users of which approximately 900 000 users are in SA. Google Plus is fast gaining the attention of users and the nature progress to cybercriminals is evident.

As such, Kaspersky Lab offers the following tips for securing a Google Plus account:

  • Profile Management – The profile editing section is the brains of the Google Plus’s privacy, providing a versatile interface that allows you to customise how you share each and every nugget of your information. Be sure to use it and make your privacy levels a high priority.
  • One circle to rule them all – If you’re going to use Google Plus, you need to learn to master the fine art of Circle Management. Circles are the main privacy control centre of Google Plus. They allow you to create groups of friends and associates using a powerful (and cool) user interface that makes it easy to group friends, family and co-workers, and then limit who can see what.
  • Instant upload - If you access Google Plus using your Android phone, photos and videos you take are automatically uploaded to Google’s cloud via a new tool called Instant Upload. Don’t worry – photos aren’t shared by default, but are stored on a private Picasa Web folder for future sharing. Instant Upload is a fine idea – for a minority of users – but it’s enabled by default and may take a lot of new Google Plus users unaware. To disable Instant Upload, click into the app, Menu/ Settings/ and at the top of the screen uncheck “Instant Upload” for increased protection.

Concludes Assolini; “If you are interested in joining Google Plus, our advice would be to ensure you explore this medium on a secure computer, whist being cautious at all times of pop up blocks and links that insist you re-direct. Furthermore, Kaspersky Lab urge users to not believe in supposed invites received via e-mails. Ensuring a safe social networking experience requires you to be aware that such threats exist, thereby being able to take action the necessary action required and socialising in a secure environment.”

 

Tags: Active, Google, Kaspersky Lab, malware warning, privacy, security

Free Email Newsletter:
Subscribe

Shutterstock is the image partner of MyBroadband – technology images can be found here

Join the conversation

Connect with MyBB

twitterfacebookandroidappleblackberrynewsletterfeed

Poll

Which tech brand do you like the most?

View Results

Loading ... Loading ...

More News

Eskom cannot pay: service provider

Eskom light

A former Eskom service provider is accusing the utility of engaging in litigation without any merit in an effort to avoid payment of at least R47 million

Google is playing catch-up on cybercrime with Project Zero

A Google logo is seen at the garage where the company was founded on Google's 15th anniversary in Menlo Park, California

Google’s new Project Zero team adds some welcome muscle in the fight against cybercrime

R1 billion in unpaid e-toll bills: minister

e-toll bills

Unregistered motorists in Gauteng owe the SA National Roads Agency Limited (Sanral) over R1 billion in unpaid e-toll accounts

Telkom responds to Maseko number plate cloning allegations

Sipho Maseko

Telkom said that its CEO Sipho Maseko has presented himself to the authorities to resolve the car license cloning allegations within the ambit of the law

Free MyBroadband Newsletter:
Subscribe
X
bool(true)